> how enshittified Google and Apple have become
I don’t know about pop-ups or whatever, but as far as mobile security Apple appears to be running the table. Last cellebrite leak showed they couldn’t do anything in BFU, and you can tell Siri to put it back in BFU without hands while being arrested.
BFU = Before First Unlock after power on or reboot.
In this state, a significant portion of the data on the device remains encrypted and inaccessible, unlike the "After First Unlock" (AFU) state, where the necessary encryption keys are available.
>Last cellebrite leak showed they couldn’t do anything in BFU, and you can tell Siri to put it back in BFU without hands while being arrested.
Source? Note that "disables faceid/fingerprint" isn't the same as "BFU".
Lots more devices are safe BFU than just Apple's. It's not that complicated on a technical level - it's basically full-disk encryption.
Apple sells the illusion of security and privacy, but they're not meaningfully more secure or private except from the device's owner. Remember when they made a big deal of blocking Facebook tracking, while simultaneously adding their own intrusive tracking?
>Lots more devices are safe BFU than just Apple's. It's not that complicated on a technical level - it's basically full-disk encryption.
That's not the full story. Using LUKS encryption on your linux laptop might make it "safe BFU", but only if you're using a high entropy password. Most people don't want to enter a 24 character password to unlock their phone, so Apple/Google have to add dedicated security hardware to resist bruteforce attempts, hence the vulnerabilities.
True but those chips also exist for PCs. Some USB security keys have this feature.
Do they actually implement anti-bruteforce protections though? Or does it just provide a static secret? Moreover how strong are the anti-bruteforce protections? Do they restrict attempts to a few per second, or actually keep track of how many wrong attempts and wipe themselves if that's exceeded?
There are many different ones.
> Lots more devices are safe BFU than just Apple's. It's not that complicated on a technical level - it's basically full-disk encryption.
So we agree: it's puzzling that Google can't manage to do it.
Google being bad doesn't mean Apple is good.
Aye but it is good Apple is safe out of the box. BFU is a low bar, and the shame is on Google.
>Lots more devices are safe BFU than just Apple's
Really? Secure against the exploits and methods these tools 3 letter agencies employ? I hate to cry source, but base Android isn't secure. What devices have similar hardware-level security, or have their Android flavor shipping with these Graphene-OS-level patches?
> Really? Secure against the exploits and methods these tools 3 letter agencies employ?
Before First Unlock data on your device is as safe as your password safe. It doesn't really matter if you use Android, iOS or any other devices as long as it have modern crypto on it.
Can't manage to do what? Google devices are still full-disk encrypted at BFU... this article is a nothingburger and many previous version charts have been put out over the years.
“Siri, whose phone is this” doesn’t work on recent iOS versions. You could ask it to reboot, but that requires confirmation
Cellebrite is like the Kmart Blue Light Special of Israeli spyware, when you compare it to Greykey and NSO Group offerings. I would not use their capabilities as the be-all end-all.
> the Kmart Blue Light Special
Hello fellow old timer. Do kids today even get this reference other than possibly just on context? My other favorite old store was a place called Gibsons where their stores signage had each upper case letter as an individual square. After it went under, more than one location became SBINGOS joints where first/last squares were no longer lit.
Another old-timer here who grew up with Gibsons. It was the only grocery store in town back in the days before WalMart invaded. Ammunition, camping gear, dry goods, garden supplies, farm and ranch supplies, blue jeans, shirts, ties, overalls, etc. They sold everything under one roof in a town of 2500.
I thought they had all been swallowed up and shut down until I moved up here to N Texas and was surprised to find a Gibsons here. It took me a while before curiosity took hold but several years later I visited the store, approx 2003-2004ish, and found they still used old-school cash registers, had no UPC scanning capability and every item had a price tag stuck to it. I think they have since moved into the more modern world locally but the store is still there and is a good source for items that you used to need to go to the town's original hardware stores to find. Some of the items on the shelves may have been in inventory here since the 1970's or 1980's. It's a bit like a time machine where you can get obsolete stuff in a pinch if it is still in stock.
I worked slapping price tags on items in KMart back in the day so I too understand the reference. Glad I'm done with that.
> I moved up here to N Texas and was surprised to find a Gibsons here.
Curiosity kills the cat. What part of NTX? I'm willing to take a trip this weekend just for the lulz. You talking Sherman/Dennison/Paris/Gainesville north, or just Denton/McKinney north? Only thing I'm seeing is one way out west in Weatherford.
That's the closest one to me. I'm in that direction though not in that town. There on Main Street on the left heading south from the courthouse.
You could say that they "hacked the Gibsons".
I was pretty much looking for this info. Thank you.